概要（Abstract）
In this research, a simple multipath IP datagram transmission scheme is proposed and implemented as a user space router program.Delay and congestion vary along with time on each path and their estimation is the difficult part.In the proposed system, Multipath Tunneling Router(called MTR), traffic and delay of each path are periodically reported to the sender.

An IP datagram is encapsulated in a UDP datagram and randomly transmitted to one of the paths according to the weight calculated with the feedback information from the receiving node.The path weight is based on the estimation of delay increase, which is measured as mean delay minus long term minimum delay of each path.

The system is implemented as a user space tunneling router program on Linux and the performance is evaluated with a network emulatorwe have developed in a previous research.The program is rather small and consists of 1252 line of codes in C++. The system is shown to be practical for two paths of different capacity and delay.Currently maximum throughput of the router implementation is about 65Mbps with a single core CPU. It can be better with faster CPU.

概要（Abstract）
In this research, a simple multipath IP datagram transmission scheme is proposed and implemented as a user space router program. An IP datagram is encapsulated in UDP datagram and randomly transmitted to one of the paths according to the weight calculated with the feedback information from the receiving node. Performance of the system was evaluated with a network emulator and the system is shown to be practical at up to 60Mbps.

概要（Abstract）
We developed a network traffic limiter (called GateKeeper)as a Linux user space PC bridge software to investigatethe effectiveness of traffic limiting for attacks suchas denial of services.The limiter passes through, drops, or dispatchesan incoming frame to one of the frame queues,according to the filter rules based on the alertsfrom an existing Intrusion Detection System (IDS).The frame queues represent delay, bandwidth limit, or random lossto discourage excessive traffic from suspicious hosts.Through the experiments we foundthat the proposed limiter running on a PCcan process frame queues effectively with given parameters.The effectiveness of traffic limiting has been partially verifiedso far for simple attacks such as port scans and ICMP flooding.The current system can be useful for developing limiting rule policyor used as a part of low cost intrusion prevention system.Note that this research is rather focused on a limiting/throttling enginethan an intrusion detection engine.

概要（Abstract）
We designed and implemented a software network emulator,GINE, using IP divert socket mechanism. A realistic network topology which consists of many routers can be represented in a simple C++ main program with our API.Through performance test, it was found that a network topology with more than 50 routers can be emulated with very high throughput of 200 Mbps on an inexpensive PC.Also, emulated throughput, delay, and loss distribution were found to be very close to the given parameters.Although GUI and many other functionalities have not been implemented yet,our emulator is a useful tool for network professionals, education, andnetwork application testing, since it is simple and easy to customize.

概要（Abstract）
In this research, practical application for quasi-realtime intrusion and network failure detection was designed and implemented.IP packet headers are counted at the monitoring point and summarized in every 5 minutes. Then four kind of statistical analyses are applied to the 5-minute summaries to find a sudden increase/decrease.As the result, the developed application works fine with a standard desktop PC.Warnings were reported in at most 1 minute after every 5-minutesummary.In addition to the warning report, Web interfaces were implemented to help the administrator to trace the cause of a warning.